empowered by innovation - nec ux5000

Empowered by Innovation

PVAU NAT TraversalManual

P/N 0913106

Rev 2, June 2009Printed in U.S.A.

Technical Support Web Site:http://www.necux5000.com

This manual has been developed by NEC Unified Solutions, Inc. It is intended for the use of its customers and service personnel, and should be read in its entirety before attempting to install or program the system. Any comments or suggestions for improving this manual would be appreciated. Forward your remarks to:

NEC Unified Solutions, Inc.

4 Forest ParkwayShelton, CT 06484

necunifiedsolutions.com

Nothing contained in this manual shall be deemed to be, and this manual does not constitute, a warranty of, or representation with respect to, any of the equipment covered. This manual is subject to change without notice and NEC Unified Solutions, Inc. has no obligation to provide any updates or corrections to this manual. Further, NEC Unified Solutions, Inc. also reserves the right, without prior notice, to make changes in equipment design or components as it deems appropriate. No representation is made that this manual is complete or accurate in all respects and NEC Unified Solutions, Inc. shall not be liable for any errors or omissions. In no event shall NEC Unified Solutions, Inc. be liable for any incidental or consequential damages in connection with the use of this manual. This document contains proprietary information that is protected by copyright. All rights are reserved. No part of this document may be photocopied or reproduced without prior written consent of NEC Unified Solutions, Inc.

©2009 by NEC Unified Solutions, Inc. All Rights Reserved.Printed in U.S.A.

Issue 2.0 UX5000 PVAU NAT Traversal

2

Section 2 Features • The PVAU NAT application provides the ability to operate an NEC

UX5000 SIP terminal or UX Softphone behind a NAT router at a remote location.

• The PVAU blade with NAT application provides a security layer for the more critical functions of the UX5000.

• Multiple static WAN IP addresses at the location where the UX5000 is installed will not be necessary.

• The PVAU NAT application is implemented on a separate compact flash that contains this application. The compact flash is usable on any PVAU blade hardware.

• In most cases, the end user is not required to reprogram the NAT router at SOHO/remote location for operation.

• The PVAU NAT application will learn the phone numbers and associated information dynamically by being a proxy to the terminal.

• The PVAU NAT application allows the user to configure the following using the web interface: o PVA-NAT IP address, subnet mask and a default gateway. o SIP Server IP address (IP address of the CCPU - in Program

10-12-09) o SIP Server Port (SIP port of the CCPU - in Program 10-46-06) o Base Port (40000 by default) o Secure login and password

UX5000 PVAU NAT Traversal Issue 2.0

3

Conditions • The IP address of the PVAU NAT application will be defaulted to

192.168.1.100/24 when performing an upgrade/downgrade. It is necessary to log in with this address and set the SIP ALG parameters manually and then reset the blade to resume normal operation.

• The PVAU NAT (PVAU blade) must be assigned with a static Internet (WAN) IP address. It must have a separate public IP address from the UX5000.

• When the CCPU and VOIPDB (32, 64, 128) are located behind a NAPT router (local addresses), the NAPT router must be programmed for static port forwarding on the following IP Ports: - UDP Port 5080 (or entry in Program 10-46-06) - UDP Port Range 10020-10275 (or entry in Program 84-26-01

• The PVAU NAT application must be programmed independently of the UX5000 programming. The IP address cannot be assigned from CCPU Program 10-55-01. It will need to be programmed from the web GUI on the PVA-NAT application. The default IP address is 192.168.1.100/24.

• The PVAU blade is not visible on a PCPro database. Accordingly, power allocation will not be calculated by PCPro when the PVAU blade is installed.

• Supported terminals include the UX5000 desktop keyset, UX Desktop Applications/UX Softphone. NOT supported are Aspire keysets or standard SIP terminals.

• The PVAU NAT blade is not licensed, however, a SIP MLT terminal/UX Softphone license is required.

• BGM and MOH are not supported.

• Encryption is not supported by PVA-NAT. Encryption option (Pro-grams 10-46-07 and 84-27-03) must be disabled on the UX5000 and in the UX5000 IP terminal/UX Softphone.


4

• Multicast (MOH/Paging) is not supported. If a NAT caller calls into the UX5000 and is put on hold towards the NAT caller, then the NAT caller will not hear MOH, if multicast method is used.

• The NAT traversal function on the PVAU is intended for a plug-and-play environment with NAT routers. However, if a NAT router with port masquerading (when a port on the inside of the NAT is not exposed to the WAN side of the NAT) is used, the NAT traversal may not work.

• Only one IP terminal (UX5000 IP terminal or UX Softphone) is sup-ported for any given NAT router. The PVAU blade with NAT applica-tion will support up to 32 remote terminals, but each terminal must re-side behind a separate NAT router.

• Cascaded NAT (Nested NAT) is not supported.

• This application will not work in routers with NAT firewall functionality. If such a firewall exists, then the router must be programmed to either (a) put the IP terminal in a DMZ or (b) create port forwarding for RTP and SIP ports.

• The application may not work in a hotel/motel network where a login is required to enable internet for a room.

• The NAT Router must support port forwarding of Internet Protocol. Typically, NAT router manufacturers specify this feature as “Port For-warding” or “Port Trigger”. Note: Make sure the router supports protocol (TCP or UDP) based port forwarding.

• The local interface to which the UX5000 IP terminal or UX Softphone connects must meet 802.3 ethernet standards – preferably 100Mbps ethernet ports on the intranet/LAN side.

• A NAT router which is optimized for real-time data traffic is preferred. These are typically identified as supporting internet games or other real-time high traffic applications.

• Not all NAT routers are the same. The quality of NAT routers vary with respect to its ability to handle large quantities of data within a short span of time – typically known as throughput, or the ability to block/unblock voice or SIP traffic.


5

• Peer-to-peer integration will not be supported by NAT-enabled UX5000 IP terminals. All voice traffic will travel through the network location where the UX50000 with the PVAU NAT application is located. Program 10-26-04 must be turned off.

• Packet loss of 1% or less is recommended with the maximum of 3% from end to end.

• Bandwidth will vary depending on the media, payload and audio algorithms utilized.

Default Settings

None System Availability

Available with main software version 2.50

IP terminal firmware 2.1.2.0

Terminals UX5000 IP Terminals

Desktop Applications/UX Softphone Required Component(s)

CCPU

VOIPDB (32, 64,128)

PVAU Blade with NAT Application

Appropriate Licensing for SIP MLT terminals/UX Softphones Related Features

UX5000 Desktop Applications

IP Multiline Station (SIP)


6

Configuration Example

Note that the PVAU NAT requires a separate public IP address as it is

connected directly to the internet (before the router for the UX5000).

The defined IP addresses shown in the above graphic are examples only and your entries should be specific to your network environment.


7

Section 3 UX5000 Requirements

3.1 Main Software

PVAU NAT is supported with the version 2.50 or higher release of the UX5000.

3.2 Hardware

The UX5000 needs the following items: • CCPU (version 2.50 or higher) • VOIPDB (32, 64, 128) • PVAU blade with NAT Application

3.2.1 Capacity

512 Extensions/200 Trunk ports (as allowed by hardware and licensing)

3.3 License

• The UX5000 must be licensed for UX5000 IP Terminals and/or Desktop Applications UX Softphone.


8

Section 4 Considerations for Choosing a NAT Router When choosing a NAT router for inter-working with UX5000 voice over IP implementations, the following features are required on the router:

The NAT Router must support port forwarding the internet protocol. Typically, NAT router manufacturers specify this feature as “port forwarding” or “Port Trigger”

o Note: Make sure the router supports protocol (TCP or UDP) based port forwarding.

The Local Interface to which the VoIP terminal and/or software terminal connects must meet 802.3 ethernet standards – preferably 100Mbps ethernet ports on intranet/LAN side.

A NAT router which is optimized for real-time data traffic is preferred. These are typically identified as supporting internet games or other real-time high traffic applications.

4.1 Considerations for Voice Quality When Using NAT When using a NAT router, especially the ones that are readily available for home or small office usage, the following must be considered with respect to voice quality.

• Not all NAT routers are same. Depending on the quality of the router functions, the quality of NAT router varies with respect to its ability to handle large quantities of data within a short span of time – typically known as throughput, or the ability to block/unblock voice or SIP traffic.

• Depending on the capability of a NAT router used in a home office environment, it may support one or sometimes more than one IP terminal.

• Peer-to-Peer integration will not be supported by NAT-enabled UX5000 IP terminals. All voice traffic will travel through the network location where the UX5000 with SIP Station application is located.

• Packet loss of 1% or less is recommended with the maximum of 3% from end to end.

• Bandwidth will vary depending on the media, payload and audio algorithms utilized.


9

Section 5 Installation

When purchased, the Packet Voiced Application blade [PVAU blade] will support multiple applications. Users can load specific compact flash solutions such as the PVAU NAT application.

1. The PVAU blade with PVAU NAT application can be installed in the chassis in any available slot, it does not require UX5000 blade type configuration. Upon a successful initialization, the far right LED will flash green. This process may take up to 3 minutes.


10

Section 6 Guide to UX5000 Programming The Level 1, Level 2 and Level 3 columns indicate the programs that are assigned when programming this feature in the order they are most com-monly used. These levels are used with PCPro and WebPro wizards for feature programming.

Level 1 – these are the most commonly assigned programs for this feature.

Level 2 – these are the next most commonly assigned programs for this feature.

Level 3 – these programs are not often assigned and require an expert level working knowledge of the UX5000 to be properly assigned.

Level Program Number Program Name Description/Comments Assigned Data

1 2 3

* = Minimum Required Programming

10-12-03 *

CCPU Network Setup – Default Gateway

Assign the de fault gateway IP address for the CCPU.

0.0.0.0 ~126.255.255.254 128.0.0.1 ~191.254.255.254 192.0.0.1 ~223.255.255.254 (default = 0.0.0.0)

10-12-09 *

CCPU Network Setup – IP Address

Set the IP Address for the VOIPDB (32, 64, 128). The IP number increases by one for each increase in the slot number.

0.0.0.0 ~126.255.255.254 128.0.0.1 ~191.255.255.254 192.0.0.1 ~223.255.255.254 (default = 172.16.0.10)

10-12-10 *

CCPU Network Setup – Subnet Mask

Define the VOIPDB Media Gateway Subnet Mask Address. The setting of Subnet Mask errors when all Host Addresses are 0.

128.0.0.0 192.0.0.0 224.0.0.0 240.0.0.0 248.0.0.0 252.0.0.0 254.0.0.0 255.0.0.0 255.128.0.0 255.192.0.0 255.224.0.0 255.240.0.0 255.248.0.0 255.252.0.0 255.254.0.0 255.255.0.0


11


1 2 3

10-12-10 (cont.)

255.255.128.0 255.255.192.0 255.255.224.0 255.255.240.0 255.255.248.0 255.255.252.0 255.255.254.0 255.255.255.0 255.255.255.128 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248 255.255.255.252 255.255.255.254 255.255.255.255 (default = 255.255.0.0)

10-12-11

CCPU Network Setup – NIC Setup

Define the LAN interface Speed and Mode of the VoIP Application supported.

0 = Auto Detect 1 = 100 Mbps, Full Duplex 2 = 100 Mbps, Half Duplex 3 = 10 Mbps, Full Duplex 4 = 10 Mbps, Half Duplex 5 = 1 Gbps, Full Duplex 6 = 1 Gbps, Half Duplex (default = 0)

10-19-01

VoIP DSP Resource Selection

Select type o f VOIPDB DSP Resource. This program setting has no a f fect on the terminal/trunk port assignment or usage.

Select type of VOIPDB DSP Resource. This program setting has no affect on the terminal/trunk port assignment or usage.

10-20-01 * LAN Setup for External Equipment – TCP Port

Define the TCP port number for the LAN CTI and O&M communication between the CCPU and the Desktop Applications.

0~65535 default: External Device 1 (CTI Server) = 0 External Device 2 (ACD MIS) = 4000 External Device 5 (SMDR Output) = 0 External Device 6 (DIM Output) = 0 External Device 11 (O&M Server) = 8010 External Device 12 (Traffic Report Output)

= 0 External Device 13 (Room Data Output for

Hotel Service ) = 0

10-26-04 * IP System Operation Setup

Disable the Peer-to-Peer feature for SIP MLT and SIP IP stations.

0= off 1= on (default=1)


12


1 2 3

10-46-01 UX5000 IP Terminal Server Information Setup – Register Mode

If set to 0, when the terminal boots up it reports the ext. assigned in the terminal or chooses the next available extension in the UX5000. No password is required. If set to 1 the SIP user name and password must be entered on the actual IP terminal. These settings must match 84-22/15-05-27, or the terminal does not come on-line. If set to 2, when the terminal boots up it prompts user to enter a user ID and password before logging in. It checks this user ID/password against 84-22/15-05-27. If there is no match, the terminal does not come on-line.

0 = Normal 1 = Auto 2 = Manual (default = 0)

84-26-01 * VOIPDB Basic Setup – IP Address

Assign the IP address for each DSP on the VOIPDB.

xxx.xxx.xxx.xxx Defaults: Slot 1 = 172.16.0.20 : Slot 4 = 172.16.0.44 VoIP GW Number 1~8 172.16.0.20 ~ 172.16.16.0.27

84-26-02

VOIPDB Basic Setup – RTP Port Number

Assign the RTP port number to be used for each DSP on the VOIPDB.

Only even numbered ports are supported.

0~65534 Defaults: VoIP GW1 = 10020 VoIP GW2 = 10052 VoIP GW3 = 10084 VoIP GW4 = 10116 VoIP GW5 = 10148 VoIP GW6 = 10180 VoIP GW7 = 10212 VoIP GW8 = 10244

84-26-03 VOIPDB Basic Setup – RTCP Port Number (RTP Port Number +1)

Assign the RTCP Port number to used for each DSP on the VOIPDB.

0~65534 Defaults: VoIP GW1 = 10021 VoIP GW2 = 10053 VoIP GW3 = 10085 VoIP GW4 = 10117 VoIP GW5 = 10149

90-61-01 Manual Slot Installation Assign the PVAU-NAT to a slot.

0 = None 1 = Router 2 = PVAU-NAT


13

Section 7 PVAU NAT Application Programming

1. Once the PVAU blade is installed, the PVAU NAT application allows users to access the PVAU NAT through their web browser. To access the PVA-NAT, launch your Internet Explorer 6.0 or higher and enter the default public IP address 192.168.1.100 in the address link. Note: Your computer must be statically assigned on the 192.168.1.0/24 network.

2. Users will be prompted for default user name and password. Default User name: installer and password: installer.

The defined IP addresses shown in the following graphics are examples only and your entries should be specific to your network environment.

7.1 PVAU NAT Login


14

7.2 PVAU NAT Network Settings In this screen, the IP address for the PVA-NAT can be configured. PVAU NAT requires a static IP address on the WAN.

PVAU-NAT Public IP Address


15

7.3 SIP Server Configuration IP Address: IP address of the VOIPDB (32, 64, 128). This should match Program 10-12-09 in UX5000 programming. Server Port – Default: 5080. If you change this port in Program 10-46-06, then the SIP Server Port on all terminals must change. Base Port – Default: 40000. This value is arbitrary but should only be changed if a conflict exists on the network.

IP Address of VOIPDB

IP Terminal Register Port

Change if port conflict occurs


16

7.4 NAPT Configuration Check Box – Should be utilized if the CCPU is on the LAN side of NAT router and the PVA-NAT is on the WAN. Set port forwarding for all the RTP ports utilized by the VOIPDB (32, 64, 128) in Program 84-26. Port forwarding on the NAPT router must reflect Program 84-26 settings. Also set the SIP port in Program 10-46-06 to be forwarded by the router (default 5080).

VOIPDB 32 open UDP ports 10020 ~ 10083 VOIPDB 64 open UDP ports 10020 ~ 10147 VOIPDB 128 open UDP ports 10020 ~10275

WAN IP Address of NAT Router = 10.1.1.1

Check if the UX5000 is in the LAN


17

7.5 CTI Proxy Configuration This setting is used for supporting the UX Softphone over NAT. With this enabled, a VPN connection is no longer needed.

Define the port number for Desktop Suite (refer to Program 10-20-01, Device 9)


18

7.6 User Configuration Here you can add, edit, or delete user login credentials for accessing the PVAU NAT configuration web interface.


19

7.7 Logout After making changes to the PVAU NAT blade, press the logout button to exit out of programming.


20

7.8 Blade Reset The PVAU NAT blade may be reset via GUI or pressing the reset button on the PVAU blade. Any network address configuration changes for the PVAU NAT will prompt users to reset the PVAU NAT application.

The PVAU NAT blade may be reset via GUI or by pressing the reset button on the PVAU.

Any network address configuration changes for the PVAU NAT will prompt users to reset the PVAU NAT application.


21

7.9 Required IP Terminal Setting LAN IP Terminal

• SIP Setting -> Server Address and URI -> 1st ~ 4th Server Address - Enter the PVAU-NAT public IP address (12.3.3.3)

• SIP Setting -> SIP Server Port -> 1st ~ 4th Server Port - Enter the port number (ex: 5080)

7.10 Router Setting (Remote) No setting is required. If the operation does not work, set the port forwarding:

• 5060 (SIP Signaling) to IP terminal

• 3462 (RTP Stream) to IP terminal

7.11 NAT Router Setting (System) Port Forwarding - Refer the following ports to the VOIPDB IP address (Program 10-12-09)

• 5080 (SIP Signal) to VOIPDB (Program 10-12-09)

• 5081 (SIP Signal) to VOIPDB (Program 10-12-09)

• RTP Stream (refer to Program 84-26) - 10020~10051 to GW1 address - 10052~10083 to GW2 address, etc.

• 8282 (for UX Softphone) to VOIPDB (Program 10-12-09)


22

Project PVAU NAT

iSIP (SIP MLT / UX Softphone) Yes

Standard SIP (3rd Party) No

Public IP Address Required PVAU Requires

UX5000 can reside at a local area network Yes

NAPT Router Configuration (near a UX5000)

Yes

NAP Router Configuration (near IP terminals)

No (Plug & Play)

Encryption No

P2P Conditional

Feature using Multicast (MOH/BGM/Paging)

MOH: Under Investigation BGM: No Paging: Unicast

Capacity Limit 32/PVAU

Plug-and-Play at the remote location – no configuration needed at the NAT router

At the remote location – no configuration needed at the NAT router

Host Firewall Configuration One time configuration at the host location (UX5000 location) for Port Forwarding. UX5000 CCPU is not exposed to internet threats.

UX5000 PVAU NAT Traversal Manual

Contact Information

NEC Unified Solutions, Inc.

4 Forest ParkwayShelton, CT 06484

www.necux5000.com

Important Telephone Numbers

Sales Support and General Information

. . . . . . . . . . . . . . . . . . .

800-365-1928

Technical Service

Current Products

(For NEC Authorized and Certified Installers Only)

. . . .

866-597-9762

Current Products After Hours

(Emergencies Only)

. . . . . . . . . . . . . . . . . .

203-929-7920

Discontinued Products

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

900-990-2541

Customer Service

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

203-926-5444

Technical Training

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

203-926-5430

(0913106)

June 26, 2009, Rev 2

Printed in U.S.A.

NEC Unified Solutions, Inc.4 Forest Parkway

Shelton, CT 06484

www.necux5000.com

(See inside back cover for contact information.)

empowered by innovation - nec ux5000

Documents